sconroy1

Everything posted by sconroy1

  1. Thanks to all who have helped me. I should be good from here. I will post again if I need any further guidance.
  2. How would I go about removing the partition and preparing my computer for a clean install? Basically, how can I go about making sure NOTHING is on that HDD before I install Windows again?
  3. Good news! I was able to slave my problem HDD and transfer all of my important files to another location. I'm going to reformat the HDD and install Windows 7 on the blank HDD and hope that nothing from here goes wrong.
  4. I am away for the weekend and will resume work on the computer on Sunday or Monday. Thanks for all of the support thus far.
  5. Pedro, Your method sounds excellent. It's certainly the most efficient method, except for one problem; I'm not on a local network. The problem computer was hard wired to the internet, and there's not a router I could configure to the internet using the problem computer at this point I suspect. Firefox, If I cannot get AdvancedSetup's method to work then I will certainly go out and buy the handy looking piece of hardware. This isn't the first time I wished such a product was made and I guess wishes do come true as I had no clue this product existed. Advanced, It seems like I'm going to be doing a little operation with my computer in the next day or two. Just some clarifying questions as I like to think I'm pretty intelligent when it comes to this stuff, but nonetheless I have little experience gutting open hardware and I'd like to know exactly what I'm doing before I screw something up. First off, before I decide to pull the HDD out of the socket and find another computer to slave it to, do you think that running a program such as SpinRite would have any chance of remedying my problem? Secondly, I have an external USB HDD that had been hooked up to the failing computer. Is there a way to switch the external into a primary drive and then make the problem HDD the slave as demonstrated in the above tutorial? If so that would make my life a lot easier! Thanks for all of your help once again!
  6. Tried with Avira. Found a tutorial on their website and followed the directions. It found and renamed a few files but I'm still getting the same error message when I attempt to boot. Same result when trying to run in safe mode. I guess the next step is to reformat and install Windows. Before I do that, an explanation of how I could slave the drive and backup any files I would want off of the drive would be much appreciated. Also, would I directly be able to install a copy of Windows 7 if I'm going to go through the trouble of reformatting my drive, or should I get XP on there and deal with Windows 7 another time? Thanks for all your help!
  7. Performed both FIXBOOT AND FIXMBR without success. Still can't even log onto Safe Mode. Original error message is still present.
  8. I ran chkdsk with the bootable XP CD which found no errors. I then ran chkdsk /p which did find one or more errors on the volume. Next I ran chkdsk /r in hopes of repairing the disc, however when I go to start my computer I'm still receiving the same error at startup.
  9. I ran a full battery of tests overnight with Dell's included software after hitting F12. I passed all tests with no errors. What is my course of action now with an XP CD?
  10. Yes, I will be able to have an XP CD by the morning. It's 9:31PM here.
  11. What about Ultimate Boot as you've mentioned earlier? Is it possible for me to download then burn this onto a CD and proceed with my task?
  12. Thanks for the prompt response. To my knowledge I do not have the recovery console installed. Would it typically come installed in a Dell bought computer? I am not able to boot in safe mode or in last known good. Unfortunately, I do not have a bootable XP CD nor do I have Ultimate Boot. I do have a second computer however; one that can burn a CD or DVD. Is there a link that I could download a boot CD onto and thus burn it onto a CD and insert it into the non working computer? My knowledge of Linux is extremely limited and I would advise against myself getting involved with it.
  13. Thanks, but frankly I'm not sure if I'm infected with a virus or I have an issue with a device driver. Additionally, before I go about partitioning my drive, I would like to attempt to back up any files on the HDD as well as upgrade from XP to Windows 7. I realize this is a bit of a complex problem with many variables, but any assistance that can be provided would be appreciated. Thanks once again.
  14. I went to boot my computer this morning and I have this boot error pop up. It identifies the problem as: STOP: 0x0000007B (0XBA4C3524, 0XC0000034, 0X00000000, 0X00000000) I've tried booting in safe mode to no avail. I've run a number of diagnostic tests on the boot partition however I pass all the tests. I'm thinking that my next step should be to run a bootdisk and perform chkdsk however I'd rather the advice from an expert as opposed to playing around with something like this. Any help would be greatly appreciated. Thanks in advance, Steve
  15. Error Code: 714(0,9) in Version 1.34 Any help would be appreciated. I have a niggling little spyware bot and I can't figure out the best course of action to get rid of it. Any help would be appreciated.
  16. My computer is infected with XP Internet Security 2010. MBAM won't run. I've tried a few solutions, including using spybot which many have been successful with, to no avail. Here are the logs to start you off that you are requiring to be posted. As always thanks in advance!
  17. Logfile of Trend Micro HijackThis v2.0.2, scan saved at 3:26:23 PM, on 4/14/2009. I suppose everything went well. Nothing out of order happened, though not much was happening with what you told me to do.
  18. Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 3:36:50 PM, on 4/12/2009
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16791)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
      C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\WINDOWS\eHome\ehRecvr.exe
      C:\WINDOWS\eHome\ehSched.exe
      C:\WINDOWS\system32\inetsrv\inetinfo.exe
      C:\Program Files\Java\jre6\bin\jqs.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\mqsvc.exe
      C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
      C:\WINDOWS\system32\mqtgsvc.exe
      C:\WINDOWS\system32\dllhost.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\WINDOWS\stsystra.exe
      C:\WINDOWS\eHome\ehmsas.exe
      C:\Program Files\Dell\Media Experience\DMXLauncher.exe
      C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
      C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
      C:\Program Files\Common Files\AOL\1197034437\ee\AOLSoftware.exe
      C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
      C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Program Files\Java\jre6\bin\jusched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\Digital Line Detect\DLG.exe
      c:\program files\common files\aol\1197034437\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
      C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\Program Files\AIM\aim.exe
      C:\Program Files\Common Files\AOL\1197034437\EE\aolsoftware.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
      O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
      O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
      O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
      O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
      O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
      O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe
      O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
      O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
      O4 - HKLM\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
      O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
      O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
      O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
      O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
      O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1197034437\ee\AOLSoftware.exe
      O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
      O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - HKUS\S-1-5-21-2560306997-580925832-812904618-1006\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Patrick')
      O4 - HKUS\S-1-5-21-2560306997-580925832-812904618-1006\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Patrick')
      O4 - HKUS\S-1-5-21-2560306997-580925832-812904618-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Patrick')
      O4 - HKUS\S-1-5-21-2560306997-580925832-812904618-1006\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 (User 'Patrick')
      O4 - HKUS\S-1-5-21-2560306997-580925832-812904618-1006\..\Run: [shutterflyStudio] C:\Program Files\Shutterfly\Studio\BIN\SFlyStudio.exe /trayonly (User 'Patrick')
      O4 - HKUS\S-1-5-21-2560306997-580925832-812904618-1006\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler (User 'Patrick')
      O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV\MaxTV.exe
      O4 - Global Startup: Digital Line Detect.lnk = ?
      O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
      O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
      O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
      O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
      O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
      O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
      O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://adobe.kodakgallery.com/downloads/BU..._2/axofupld.cab
      O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
      O16 - DPF: {A959E4A5-0B3D-449E-9998-348705BD4092} (Desktop.Smdesk) - http://www.servicemagic.com/smod/smdesktop.CAB
      O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
      O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
      O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
      O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
      O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe

      --
      End of file - 11000 bytes
  19. Yes, I'm aware I have mIRC installed on my computer. Though, nowadays I rarely use it. I'd be willing to uninstall it if you want.
  20. ComboFix 09-04-04.01 - Stephen Conroy 2009-04-11 16:02:01.4 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1538 [GMT -4:00]
      Running from: c:\documents and settings\Stephen Conroy\Desktop\Combo-Fix.exe
      Command switches used :: c:\documents and settings\Stephen Conroy\Desktop\CFScript.txt
      AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
      * Created a new restore point

      FILE ::
      c:\windows\system32\drivers\uhzzdvnk.sys
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      -------\Service_xrxyv

      ((((((((((((((((((((((((( Files Created from 2009-03-11 to 2009-04-11 )))))))))))))))))))))))))))))))
      .
      2009-04-05 22:25 . 2009-04-05 22:25 410,984 --a------ c:\windows\system32\deploytk.dll
      2009-03-22 23:38 . 2009-03-22 23:38 <DIR> d-------- c:\program files\Trend Micro
      2009-03-13 00:47 . 2009-03-13 00:47 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
      2009-03-13 00:34 . 2009-03-13 00:34 <DIR> d-------- c:\program files\Avira
      2009-03-13 00:34 . 2009-03-13 00:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
      2009-03-12 23:05 . 2009-03-12 23:05 <DIR> d-------- c:\documents and settings\Stephen Conroy\Application Data\Malwarebytes
      2009-03-12 21:59 . 2009-03-12 21:59 <DIR> d-------- c:\program files\FileASSASSIN
      2009-03-12 21:54 . 2009-04-09 00:13 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
      2009-03-12 21:54 . 2009-03-12 21:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-03-12 21:54 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
      2009-03-12 21:54 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
      2009-03-11 00:56 . 2009-01-18 17:35 15,688 --a------ c:\windows\system32\lsdelete.exe
      2009-03-11 00:45 . 2009-03-11 00:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
      2009-03-11 00:45 . 2009-03-11 00:45 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
      2009-03-11 00:45 . 2009-04-06 00:45 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-04-11 14:20 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
      2009-04-10 22:15 --------- d--h--w c:\documents and settings\Patrick\Application Data\Move Networks
      2009-04-10 14:39 --------- d-----w c:\program files\AOL 9.1
      2009-04-06 02:25 --------- d-----w c:\program files\Java
      2009-04-06 02:24 --------- d-----w c:\program files\Common Files\Adobe
      2009-03-25 03:13 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
      2009-03-11 04:45 --------- d-----w c:\program files\Lavasoft
      2009-02-21 14:25 --------- d-----w c:\documents and settings\Patrick\Application Data\Apple Computer
      .
      ((((((((((((((((((((((((((((( SnapShot_2009-04-09_ 0.09.37.57 )))))))))))))))))))))))))))))))))))))))))
      .
      - 2009-04-09 01:24:16 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
      + 2009-04-11 01:24:20 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
      - 2009-04-09 01:24:16 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
      + 2009-04-11 01:24:20 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
      - 2009-04-09 04:01:07 223,912 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
      + 2009-04-11 20:20:52 223,915 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
      - 2009-04-08 02:28:19 7,520 --sha-w c:\windows\system32\KGyGaAvL.sys
      + 2009-04-11 01:27:06 7,520 --sha-w c:\windows\system32\KGyGaAvL.sys
      + 2009-04-11 20:20:36 16,384 ----atw c:\windows\temp\Perflib_Perfdata_148.dat
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
      "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480]
      "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
      "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-05 136600]
      "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
      "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
      "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480]
      "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2007-08-28 73728]
      "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
      "MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
      "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
      "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
      "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
      "HostManager"="c:\program files\Common Files\AOL\1197034437\ee\AOLSoftware.exe" [2008-06-24 41824]
      "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-06 515416]
      "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
      "SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 c:\windows\stsystra.exe]
      "MsmqIntCert"="mqrt.dll" [2007-07-06 c:\windows\system32\mqrt.dll]

      c:\documents and settings\All Users\Start Menu\Programs\Startup\
      Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-04-11 24576]

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ lsdelete

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
      @="Service"

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
      -ra------ 2006-10-23 08:50 71216 c:\program files\Common Files\AOL\ACS\AOLDial.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
      --a------ 2008-06-24 14:34 41824 c:\program files\Common Files\AOL\1197034437\EE\aolsoftware.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      --a------ 2008-03-30 10:36 267048 c:\program files\iTunes\iTunesHelper.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
      --a------ 2005-09-08 20:20 8192 c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
      --a------ 2007-06-25 23:49 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
      --a------ 2006-06-16 11:46 180269 c:\program files\Common Files\Real\Update_OB\realsched.exe

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "c:\\Program Files\\Messenger\\msmsgs.exe"=
      "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
      "c:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"=
      "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
      "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
      "c:\\Program Files\\mIRC\\mirc.exe"=
      "c:\\Program Files\\AIM\\aim.exe"=
      "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
      "c:\\Program Files\\SopCast\\SopCast.exe"=
      "c:\\Documents and Settings\\Stephen Conroy\\Application Data\\SopCast\\adv\\SopAdver.exe"=
      "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
      "c:\\WINDOWS\\system32\\mqsvc.exe"=
      "c:\\Program Files\\TVAnts\\Tvants.exe"=
      "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
      "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
      "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
      "c:\\Program Files\\Common Files\\AOL\\1197034437\\EE\\aolsoftware.exe"=
      "c:\\Program Files\\AOL 9.1\\waol.exe"=
      "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
      "c:\\Program Files\\Common Files\\AOL\\1197034437\\ee\\aolservicehost.exe"=
      "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
      "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
      "c:\\Program Files\\iTunes\\iTunes.exe"=
      "c:\\WINDOWS\\system32\\dplaysvr.exe"=
      "c:\\Program Files\\EA SPORTS\\MVP Baseball 2005\\mvp2005.exe"=
      "c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"=
      "c:\\Program Files\\THQ\\Company of Heroes - Balance Playtest\\RelicCOH.exe"=
      "c:\\Program Files\\THQ\\Company of Heroes - Balance Playtest\\RelicDownloader\\RelicDownloader.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "67:UDP"= 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service

      R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-11 64160]
      R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951632]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
      \Shell\AutoRun\command - D:\Launch.exe
      .
      Contents of the 'Scheduled Tasks' folder

      2009-04-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job
      - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-04-06 00:45]

      2009-04-05 c:\windows\Tasks\AppleSoftwareUpdate.job
      - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]

      2009-04-11 c:\windows\Tasks\Google Software Updater.job
      - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 00:07]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.live.com
      mStart Page = hxxp://www.yahoo.com/
      uInternet Settings,ProxyOverride = *.local
      IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
      IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
      IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
      IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
      Trusted Zone: musicmatch.com\online
      FF - ProfilePath - c:\documents and settings\Stephen Conroy\Application Data\Mozilla\Firefox\Profiles\yrichvqd.default\
      FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
      FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
      FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
      FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAdbESD.dll
      FF - plugin: c:\program files\Mozilla Firefox\plugins\npmnqmp07030901.dll
      FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
      FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
      FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
      .
      **************************************************************************
      catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2009-04-11 16:21:49
      Windows 5.1.2600 Service Pack 2 NTFS
      scanning hidden processes ...
      scanning hidden autostart entries ...
      scanning hidden files ...
      scan completed successfully
      hidden files: 0
      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------

      [HKEY_USERS\S-1-5-21-2560306997-580925832-812904618-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
      "??"=hex:8f,b3,f3,87,0e,7a,e6,7b,42,6d,b7,10,64,57,30,16,70,ef,72,63,a4,9a,8d,
      98,35,65,c9,8a,c9,8f,0f,ea,e7,d1,52,50,99,7d,9d,ae,c9,f9,d2,f2,c2,9c,cb,75,\
      "??"=hex:0c,2b,0c,1b,89,60,a6,e2,ba,7b,8b,cd,62,81,bf,a6
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      - - - - - - - > 'winlogon.exe'(632)
      c:\windows\system32\Ati2evxx.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\windows\system32\ati2evxx.exe
      c:\windows\system32\ati2evxx.exe
      c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
      c:\windows\system32\msdtc.exe
      c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
      c:\program files\Common Files\AOL\ACS\AOLacsd.exe
      c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      c:\program files\Bonjour\mDNSResponder.exe
      c:\windows\ehome\ehrecvr.exe
      c:\windows\ehome\ehSched.exe
      c:\windows\system32\inetsrv\inetinfo.exe
      c:\program files\Java\jre6\bin\jqs.exe
      c:\windows\ehome\mcrdsvc.exe
      c:\windows\system32\mqsvc.exe
      c:\program files\Pure Networks\Network Magic\nmsrvc.exe
      c:\windows\system32\mqtgsvc.exe
      c:\windows\system32\wbem\unsecapp.exe
      c:\windows\system32\dllhost.exe
      c:\windows\ehome\ehmsas.exe
      c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      c:\program files\Common Files\AOL\1197034437\EE\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
      c:\windows\system32\wscntfy.exe
      c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      .
      **************************************************************************
      .
      Completion time: 2009-04-11 16:28:53 - machine was rebooted
      ComboFix-quarantined-files.txt 2009-04-11 20:28:50
      ComboFix2.txt 2009-04-09 04:10:28
      ComboFix3.txt 2009-04-05 00:20:10
      ComboFix4.txt 2009-04-04 22:23:33

      Pre-Run: 5,054,513,152 bytes free
      Post-Run: 5,178,810,368 bytes free

      225 --- E O F --- 2009-04-05 07:03:05

      JavaRa 1.13 Removal Log.
      Report follows after line.
      ------------------------------------
      The JavaRa removal process was started on Sat Apr 11 16:36:17 2009
      Found and removed: C:\Program Files\Java\j2re1.4.2_03
      Found and removed: C:\Program Files\Java\jre1.6.0_02
      Found and removed: Software\JavaSoft\Java2D\1.5.0_03
      Found and removed: Software\JavaSoft\Java2D\1.5.0_06
      Found and removed: Software\JavaSoft\Java2D\1.5.0_10
      Found and removed: SOFTWARE\Classes\JavaPlugin.150_06
      Found and removed: SOFTWARE\Classes\JavaPlugin.150_10
      Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
      Found and removed: SOFTWARE\Classes\JavaPlugin.142_03
      Found and removed: Software\Classes\JavaPlugin.160_01
      Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\
      Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\
      ------------------------------------
      Finished reporting.

      --------------------------------------------------------------------------------
      KASPERSKY ONLINE SCANNER 7.0 REPORT
      Saturday, April 11, 2009
      Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
      Kaspersky Online Scanner version: 7.0.26.13
      Program database last update: Saturday, April 11, 2009 22:07:24
      Records in database: 2035235
      --------------------------------------------------------------------------------
      Scan settings:
      Scan using the following database: extended
      Scan archives: yes
      Scan mail databases: yes
      Scan area - My Computer:
      C:\
      D:\
      E:\
      Scan statistics:
      Files scanned: 131987
      Threat name: 3
      Infected objects: 3
      Suspicious objects: 0
      Duration of the scan: 02:12:12

      File name / Threat name / Threats count
      C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.617 1
      C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\gaopdxfpykxxugnqmoeasrvqxruolmeoyngpxj.sys.vir Infected: Trojan.Win32.Tdss.ttk 1
      C:\Qoobox\Quarantine\C\WINDOWS\system32\gaopdxddjnjaliugotixisvloempmtaiydcanw.dll.vir Infected: Trojan-Spy.Win32.Small.cbd 1

      The selected area was scanned.
  21. Sorry, it's busy season at work, and haven't had a lot of time at home lately. Anyway, here are the logs you asked for:

      Malwarebytes' Anti-Malware 1.36
      Database version: 1954
      Windows 5.1.2600 Service Pack 2
      4/9/2009 1:06:46 AM
      mbam-log-2009-04-09 (01-06-46).txt
      Scan type: Full Scan (C:\|)
      Objects scanned: 218300
      Time elapsed: 53 minute(s), 20 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected:
      (No malicious items detected)
      Memory Modules Infected:
      (No malicious items detected)
      Registry Keys Infected:
      (No malicious items detected)
      Registry Values Infected:
      (No malicious items detected)
      Registry Data Items Infected:
      (No malicious items detected)
      Folders Infected:
      (No malicious items detected)
      Files Infected:
      (No malicious items detected)

      ComboFix 09-04-04.01 - Stephen Conroy 2009-04-08 23:52:33.3 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1540 [GMT -4:00]
      Running from: c:\documents and settings\Stephen Conroy\Desktop\Combo-Fix.exe
      Command switches used :: c:\documents and settings\Stephen Conroy\Desktop\CFScript.txt
      AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
      * Created a new restore point

      FILE ::
      c:\windows\system32\drivers\uhzzdvnk.sys
      c:\windows\system32\vtfojmze.fzv
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      -------\Service_VTFOJMZE

      ((((((((((((((((((((((((( Files Created from 2009-03-09 to 2009-04-09 )))))))))))))))))))))))))))))))
      .
      2009-04-05 22:25 . 2009-04-05 22:25 410,984 --a------ c:\windows\system32\deploytk.dll
      2009-03-22 23:38 . 2009-03-22 23:38 <DIR> d-------- c:\program files\Trend Micro
      2009-03-13 00:47 . 2009-03-13 00:47 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
      2009-03-13 00:34 . 2009-03-13 00:34 <DIR> d-------- c:\program files\Avira
      2009-03-13 00:34 . 2009-03-13 00:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
      2009-03-12 23:05 . 2009-03-12 23:05 <DIR> d-------- c:\documents and settings\Stephen Conroy\Application Data\Malwarebytes
      2009-03-12 21:59 . 2009-03-12 21:59 <DIR> d-------- c:\program files\FileASSASSIN
      2009-03-12 21:54 . 2009-04-04 20:41 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
      2009-03-12 21:54 . 2009-03-12 21:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
      2009-03-12 21:54 . 2009-03-26 16:49 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
      2009-03-12 21:54 . 2009-03-26 16:49 15,504 --a------ c:\windows\system32\drivers\mbam.sys
      2009-03-11 00:56 . 2009-01-18 17:35 15,688 --a------ c:\windows\system32\lsdelete.exe
      2009-03-11 00:45 . 2009-03-11 00:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
      2009-03-11 00:45 . 2009-03-11 00:45 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
      2009-03-11 00:45 . 2009-04-06 00:45 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2009-04-08 05:28 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
      2009-04-06 02:25 --------- d-----w c:\program files\Java
      2009-04-06 02:24 --------- d-----w c:\program files\Common Files\Adobe
      2009-03-25 03:13 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
      2009-03-11 04:45 --------- d-----w c:\program files\Lavasoft
      2009-02-21 14:25 --------- d-----w c:\documents and settings\Patrick\Application Data\Apple Computer
      2009-02-14 22:09 --------- d--h--w c:\documents and settings\Patrick\Application Data\Move Networks
      .
      ((((((((((((((((((((((((((((( SnapShot@2009-04-04_18.22.05.59 )))))))))))))))))))))))))))))))))))))))))
      .
      + 2009-02-09 10:20:05 1,847,424 ----a-w c:\windows\$hf_mig$\KB958690\SP2QFE\win32k.sys
      + 2009-02-09 11:13:27 1,846,784 ----a-w c:\windows\$hf_mig$\KB958690\SP3GDR\win32k.sys
      + 2009-02-09 11:08:53 1,847,552 ----a-w c:\windows\$hf_mig$\KB958690\SP3QFE\win32k.sys
      + 2008-07-09 07:38:24 17,272 ----a-w c:\windows\$hf_mig$\KB958690\spmsg.dll
      + 2008-07-09 07:38:25 231,288 ----a-w c:\windows\$hf_mig$\KB958690\spuninst.exe
      + 2008-07-09 07:38:24 26,488 ----a-w c:\windows\$hf_mig$\KB958690\update\spcustom.dll
      + 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB958690\update\update.exe
      + 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB958690\update\updspapi.dll
      + 2008-12-05 06:41:26 144,896 ----a-w c:\windows\$hf_mig$\KB960225\SP2QFE\schannel.dll
      + 2008-12-05 06:54:55 144,896 ----a-w c:\windows\$hf_mig$\KB960225\SP3GDR\schannel.dll
      + 2008-12-05 06:58:08 144,896 ----a-w c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll
      + 2007-11-30 11:18:51 17,272 ----a-w c:\windows\$hf_mig$\KB960225\spmsg.dll
      + 2007-11-30 11:18:51 231,288 ----a-w c:\windows\$hf_mig$\KB960225\spuninst.exe
      + 2007-11-30 11:18:51 26,488 ----a-w c:\windows\$hf_mig$\KB960225\update\spcustom.dll
      + 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB960225\update\update.exe
      + 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB960225\update\updspapi.dll
      + 2005-10-21 00:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
      - 2009-03-13 01:08:28 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
      + 2009-04-09 01:24:16 32,768 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
      - 2009-03-13 01:08:28 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
      + 2009-04-09 01:24:16 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
      - 2007-04-25 14:21:15 144,896 ------w c:\windows\system32\dllcache\schannel.dll
      + 2008-12-05 07:12:45 144,896 ------w c:\windows\system32\dllcache\schannel.dll
      - 2008-09-15 11:57:41 1,846,016 ------w c:\windows\system32\dllcache\win32k.sys
      + 2009-02-09 10:19:34 1,846,272 ------w c:\windows\system32\dllcache\win32k.sys
      + 2009-04-06 04:45:20 64,160 -c--a-w c:\windows\system32\DRVSTORE\lbd_1D149FE61E2CD0936E43877117FE3EF0674B9944\Lbd.sys
      - 2008-11-20 20:59:15 197,752 ----a-w c:\windows\system32\FNTCACHE.DAT
      + 2009-04-05 07:09:24 197,752 ----a-w c:\windows\system32\FNTCACHE.DAT
      - 2009-04-04 22:10:06 223,913 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
      + 2009-04-09 04:01:07 223,912 ----a-w c:\windows\system32\inetsrv\MetaBase.bin
      - 2008-02-22 05:23:35 135,168 ----a-w c:\windows\system32\java.exe
      + 2009-04-06 02:25:36 144,792 ----a-w c:\windows\system32\java.exe
      - 2008-02-22 05:23:39 135,168 ----a-w c:\windows\system32\javaw.exe
      + 2009-04-06 02:25:36 144,792 ----a-w c:\windows\system32\javaw.exe
      - 2008-02-22 06:33:32 139,264 ----a-w c:\windows\system32\javaws.exe
      + 2009-04-06 02:25:36 148,888 ----a-w c:\windows\system32\javaws.exe
      - 2009-04-01 02:24:27 7,520 --sha-w c:\windows\system32\KGyGaAvL.sys
      + 2009-04-08 02:28:19 7,520 --sha-w c:\windows\system32\KGyGaAvL.sys
      - 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe
      + 2009-02-25 16:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe
      - 2007-04-25 14:21:15 144,896 ----a-w c:\windows\system32\schannel.dll
      + 2008-12-05 07:12:45 144,896 ----a-w c:\windows\system32\schannel.dll
      - 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
      + 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll
      - 2006-10-16 20:10:58 23,856 ----a-w c:\windows\system32\spupdsvc.exe
      + 2007-07-27 13:41:38 26,488 ----a-w c:\windows\system32\spupdsvc.exe
      - 2008-09-15 11:57:41 1,846,016 ----a-w c:\windows\system32\win32k.sys
      + 2009-02-09 10:19:34 1,846,272 ----a-w c:\windows\system32\win32k.sys
      - 2007-06-12 03:51:12 10,834,944 ----a-w c:\windows\system32\wmp.dll
      + 2008-11-11 22:34:42 10,838,016 ----a-w c:\windows\system32\wmp.dll
      + 2009-04-09 04:00:43 16,384 ----atw c:\windows\temp\Perflib_Perfdata_f4.dat
      .
      -- Snapshot reset to current date --
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
      "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480]
      "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
      "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
      "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-05 136600]
      "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
      "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
      "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480]
      "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2007-08-28 73728]
      "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
      "MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
      "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
      "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
      "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
      "HostManager"="c:\program files\Common Files\AOL\1197034437\ee\AOLSoftware.exe" [2008-06-24 41824]
      "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-06 515416]
      "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
      "SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 c:\windows\stsystra.exe]
      "MsmqIntCert"="mqrt.dll" [2007-07-06 c:\windows\system32\mqrt.dll]

      c:\documents and settings\All Users\Start Menu\Programs\Startup\
      Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-04-11 24576]

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ lsdelete

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
      @="Service"

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
      -ra------ 2006-10-23 08:50 71216 c:\program files\Common Files\AOL\ACS\AOLDial.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
      --a------ 2008-06-24 14:34 41824 c:\program files\Common Files\AOL\1197034437\EE\aolsoftware.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
      --a------ 2008-03-30 10:36 267048 c:\program files\iTunes\iTunesHelper.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
      --a------ 2005-09-08 20:20 8192 c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2007-06-25 23:49 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2006-06-16 11:46 180269 c:\program files\Common Files\Real\Update_OB\realsched.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\AIM\\aim.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Documents and Settings\\Stephen Conroy\\Application Data\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\Program Files\\TVAnts\\Tvants.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"= "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"= "c:\\Program Files\\Common Files\\AOL\\1197034437\\EE\\aolsoftware.exe"= "c:\\Program Files\\AOL 9.1\\waol.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"= "c:\\Program Files\\Common Files\\AOL\\1197034437\\ee\\aolservicehost.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\dplaysvr.exe"= "c:\\Program Files\\EA SPORTS\\MVP Baseball 2005\\mvp2005.exe"= "c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"= "c:\\Program Files\\THQ\\Company of Heroes - 
Balance Playtest\\RelicCOH.exe"= "c:\\Program Files\\THQ\\Company of Heroes - Balance Playtest\\RelicDownloader\\RelicDownloader.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "67:UDP"= 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-11 64160] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951632] S0 xrxyv;xrxyv;c:\windows\system32\drivers\uhzzdvnk.sys --> c:\windows\system32\drivers\uhzzdvnk.sys [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - D:\Launch.exe . Contents of the 'Scheduled Tasks' folder 2009-04-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-04-06 00:45] 2009-04-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57] 2009-04-09 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 00:07] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.live.com mStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html Trusted Zone: musicmatch.com\online FF - ProfilePath - c:\documents and settings\Stephen Conroy\Application Data\Mozilla\Firefox\Profiles\yrichvqd.default\ FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAdbESD.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npmnqmp07030901.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-09 00:03:06 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-2560306997-580925832-812904618-1005\Software\SecuROM\!CAUTION! 
NEVER A OR CHANGE ANY KEY*] "??"=hex:8f,b3,f3,87,0e,7a,e6,7b,42,6d,b7,10,64,57,30,16,70,ef,72,63,a4,9a,8d, 98,35,65,c9,8a,c9,8f,0f,ea,e7,d1,52,50,99,7d,9d,ae,c9,f9,d2,f2,c2,9c,cb,75,\ "??"=hex:0c,2b,0c,1b,89,60,a6,e2,ba,7b,8b,cd,62,81,bf,a6 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(632) c:\windows\system32\Ati2evxx.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\windows\system32\msdtc.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Common Files\AOL\ACS\AOLacsd.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\ehome\ehrecvr.exe c:\windows\ehome\ehSched.exe c:\windows\system32\inetsrv\inetinfo.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\mqsvc.exe c:\program files\Pure Networks\Network Magic\nmsrvc.exe c:\windows\ehome\mcrdsvc.exe c:\windows\system32\mqtgsvc.exe c:\windows\system32\dllhost.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\ehome\ehmsas.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\system32\wscntfy.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\program files\Common Files\AOL\1197034437\EE\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe . ************************************************************************** . Completion time: 2009-04-09 0:10:27 - machine was rebooted ComboFix-quarantined-files.txt 2009-04-09 04:10:24 ComboFix2.txt 2009-04-05 00:20:10 ComboFix3.txt 2009-04-04 22:23:33 Pre-Run: 5,281,476,608 bytes free Post-Run: 5,359,824,896 bytes free 269 --- E O F --- 2009-04-05 07:03:05
  22. Great news! I ran both HijackThis and ComboFix in normal Windows, and it seems ComboFix has done a good job. Check my logs and let me know what my next action should be. I must say the computer is running MUCH better after running ComboFix.
ComboFix 09-04-04.01 - Stephen Conroy 2009-04-04 18:11:05.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1583 [GMT -4:00]
Running from: c:\documents and settings\Stephen Conroy\Desktop\Combo-Fix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated)
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Stephen Conroy\Start Menu\Programs\WatchFree
C:\install.exe
c:\windows\system32\Cache
c:\windows\system32\drivers\gaopdxfpykxxugnqmoeasrvqxruolmeoyngpxj.sys
c:\windows\system32\gaopdxcounter
c:\windows\system32\gaopdxddjnjaliugotixisvloempmtaiydcanw.dll
c:\windows\system32\smartdrv.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_gaopdxserv.sys
((((((((((((((((((((((((( Files Created from 2009-03-04 to 2009-04-04 )))))))))))))))))))))))))))))))
.
2009-03-22 23:38 . 2009-03-22 23:38 <DIR> d-------- c:\program files\Trend Micro
2009-03-13 00:47 . 2009-03-13 00:47 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-03-13 00:34 . 2009-03-13 00:34 <DIR> d-------- c:\program files\Avira
2009-03-13 00:34 . 2009-03-13 00:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-03-12 23:05 . 2009-03-12 23:05 <DIR> d-------- c:\documents and settings\Stephen Conroy\Application Data\Malwarebytes
2009-03-12 21:59 . 2009-03-12 21:59 <DIR> d-------- c:\program files\FileASSASSIN
2009-03-12 21:54 . 2009-03-12 22:52 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-12 21:54 .
2009-03-12 21:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-03-12 21:54 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-03-12 21:54 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-03-11 00:56 . 2009-01-18 17:35 15,688 --a------ c:\windows\system32\lsdelete.exe 2009-03-11 00:45 . 2009-03-11 00:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft 2009-03-11 00:45 . 2009-03-11 00:45 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800} 2009-03-11 00:45 . 2009-01-18 17:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys 2009-03-05 01:40 . 2009-03-13 14:32 54,156 --ah----- c:\windows\QTFont.qfn 2009-03-05 01:40 . 2009-03-05 01:40 1,409 --a------ c:\windows\QTFont.for . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-01 02:24 7,520 --sha-w c:\windows\system32\KGyGaAvL.sys 2009-03-25 03:13 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint 2009-03-25 03:12 --------- d-----w c:\program files\Full Tilt Poker 2009-03-25 03:05 --------- d-----w c:\program files\BitTorrent 2009-03-12 13:55 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater 2009-03-12 12:42 --------- d-----w c:\documents and settings\Stephen Conroy\Application Data\utorrent 2009-03-11 04:45 --------- d-----w c:\program files\Lavasoft 2009-02-21 14:25 --------- d-----w c:\documents and settings\Patrick\Application Data\Apple Computer 2009-02-14 22:09 --------- d--h--w c:\documents and settings\Patrick\Application Data\Move Networks 2009-02-06 18:49 --------- d-----w c:\program files\PartyGaming 2009-02-06 18:49 --------- d-----w c:\program files\Google 2009-02-06 18:46 --------- d-----w c:\program files\MUSICMATCH 2009-02-06 18:45 --------- d--h--w c:\documents and 
settings\Peggy\Application Data\Gtek 2009-02-06 18:45 --------- d-----w c:\documents and settings\All Users\Application Data\GTek 2009-02-06 18:44 --------- d-----w c:\program files\Fifa Master 2009-02-06 18:43 --------- d-----w c:\program files\V CAST Music with Rhapsody 2009-01-17 02:35 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064] "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2007-08-28 73728] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940] "MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696] "Adobe Reader Speed Launcher"="c:\program 
files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "HostManager"="c:\program files\Common Files\AOL\1197034437\ee\AOLSoftware.exe" [2008-06-24 41824] "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-18 506712] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 c:\windows\stsystra.exe] "MsmqIntCert"="mqrt.dll" [2007-07-06 c:\windows\system32\mqrt.dll] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-04-11 24576] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ lsdelete [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer] -ra------ 2006-10-23 08:50 71216 c:\program files\Common Files\AOL\ACS\AOLDial.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] --a------ 2008-06-24 14:34 41824 c:\program files\Common Files\AOL\1197034437\EE\aolsoftware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-03-30 10:36 267048 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot] --a------ 2005-09-08 20:20 8192 c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2007-06-25 23:49 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] --a------ 2006-06-16 11:46 180269 c:\program files\Common Files\Real\Update_OB\realsched.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\AIM\\aim.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\SopCast\\SopCast.exe"= "c:\\Documents and Settings\\Stephen Conroy\\Application Data\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\Program Files\\TVAnts\\Tvants.exe"= "c:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"= "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"= "c:\\Program Files\\Common Files\\AOL\\1197034437\\EE\\aolsoftware.exe"= "c:\\Program Files\\AOL 9.1\\waol.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"= "c:\\Program Files\\Common Files\\AOL\\1197034437\\ee\\aolservicehost.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\dplaysvr.exe"= "c:\\Program Files\\EA SPORTS\\MVP Baseball 2005\\mvp2005.exe"= "c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"= "c:\\Program Files\\THQ\\Company of Heroes - Balance Playtest\\RelicCOH.exe"= "c:\\Program Files\\THQ\\Company of Heroes - Balance Playtest\\RelicDownloader\\RelicDownloader.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "67:UDP"= 67:UDP:0.0.0.0/255.255.255.255:Enabled:DHCP Discovery Service R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys 
[2009-03-11 64160] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 921936] S0 xrxyv;xrxyv;c:\windows\system32\drivers\uhzzdvnk.sys --> c:\windows\system32\drivers\uhzzdvnk.sys [?] S2 VTFOJMZE;VTFOJMZE;\??\c:\windows\system32\vtfojmze.fzv --> c:\windows\system32\vtfojmze.fzv [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] \Shell\AutoRun\command - D:\Launch.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}] \Shell\AutoRun\command - E:\setup.exe . Contents of the 'Scheduled Tasks' folder 2009-03-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 17:34] 2009-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57] 2009-04-04 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 00:07] . - - - - ORPHANS REMOVED - - - - HKCU-Run-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.live.com mStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html Trusted Zone: musicmatch.com\online FF - ProfilePath - c:\documents and settings\Stephen Conroy\Application Data\Mozilla\Firefox\Profiles\yrichvqd.default\ FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAdbESD.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npmnqmp07030901.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll . ************************************************************************** catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-04-04 18:21:12 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VTFOJMZE] "ImagePath"="\??\c:\windows\system32\vtfojmze.fzv" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-2560306997-580925832-812904618-1005\Software\SecuROM\!CAUTION! 
NEVER A OR CHANGE ANY KEY*] "??"=hex:8f,b3,f3,87,0e,7a,e6,7b,42,6d,b7,10,64,57,30,16,70,ef,72,63,a4,9a,8d, 98,35,65,c9,8a,c9,8f,0f,ea,e7,d1,52,50,99,7d,9d,ae,c9,f9,d2,f2,c2,9c,cb,75,\ "??"=hex:0c,2b,0c,1b,89,60,a6,e2,ba,7b,8b,cd,62,81,bf,a6 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(632) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-04-04 18:23:32 ComboFix-quarantined-files.txt 2009-04-04 22:23:01 Pre-Run: 1,897,512,960 bytes free Post-Run: 4,546,736,128 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect 212 --- E O F --- 2009-03-06 08:01:04 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:33:01 PM, on 4/4/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe 
C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] 
"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1197034437\ee\AOLSoftware.exe O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV\MaxTV.exe O4 - Global Startup: Digital Line Detect.lnk = ? 
  23. I can't run an HJT scan and log in normal Windows. It locks up every time it goes to scan O4 - Registry & Start Menu autoruns. I haven't tried Combo-fix on regular Windows yet, but it's highly doubtful it will run. There's very little I can do in Windows without it locking up. Suggestions? Run this stuff in Safe Mode?
  24. Is it OK to run these in Safe Mode w/ Networking, or should I really try and perform these scans in normal Windows, even though I'm having great difficulty in doing anything in normal Windows? Combofix sounds like a powerful program and I don't want to cause a disaster running it in Safe Mode. Thanks
  25. Ok, here is the latest. Sorry for the delay but I haven't been near the infected computer for a number of days now. However, I got a few minutes today and was able to take a look at it. First off, the computer starts up but while the desktop is loading the computer hangs up. I can't do much of anything starting Windows in normal mode. When I go over to Safe Mode, I've got a lot more success. I can access the internet, though not malwarebytes.org, and I can get into the C drive to retrieve the last Boot Log on the computer. When I opened up RootRepeal in Safe Mode it told me to use it at my own risk when operating in Safe Mode. My question is, should I run RootRepeal in Safe Mode with Networking? Here is my last boot log. Thanks!